Beispiel #1
0
 def comment(self, id):
     loggedInUser = helper.getLoggedInUser()
     jsonData = helper.getRequestBody()
     if jsonData != "":
         theShift = Shift.read(id, userId=loggedInUser)
         if not theShift:
             return error("Shift does not exist.",
                          ResourceDoesNotExistError)
         if theShift.type != "shift":
             return error("Resource is not of type shift",
                          ResourceTypeError)
         from server.models.ssuser import SSUser
         theUser = SSUser.read(loggedInUser)
         theData = json.loads(jsonData)
         if theUser.canRead(theShift):
             from server.models.comment import Comment
             Comment.create(theUser.id, theShift.id, theData["text"],
                            theData.get("subscribe") or False)
             return data(Shift.read(theShift.id, theUser.id))
         else:
             return error(
                 "Operation not permitted. You don't have permission to comment on this shift.",
                 PermissionError)
     else:
         return error("No data for comment.", NoDataError)
Beispiel #2
0
 def publish(self, id):
     # NOTE: should maybe take publishData url parameter - David 9/5/2009
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     publishData = json.loads(helper.getRequestBody())
     # convert targets to actual database references
     if publishData.get("targets"):
         from server.models.group import Group
         from server.models.ssuser import SSUser
         theUser = SSUser.read(loggedInUser)
         targets = publishData["targets"]
         # convert short names to group ids
         shortNames = [target[1:] for target in targets if target[0] == "&"]
         groupIds = Group.shortNamesToIds(shortNames)
         # convert user name to user ids
         userNames = [target[1:] for target in targets if target[0] == "@"]
         userIds = SSUser.namesToIds(userNames)
         # create list of dbs being published to
         dbs = [Group.db(groupId) for groupId in groupIds]
         # validate groups
         writeable = theUser.writeable()
         if not set(dbs).issubset(set(writeable)):
             return error(
                 "Operation not permitted. You don't have permission to publish to some of these groups",
                 PermissionError)
         # TODO: validate against blocked users - David 2/15/10
         dbs.extend([SSUser.db(userId) for userId in userIds])
         publishData["dbs"] = dbs
     return data(theShift.publish(publishData))
Beispiel #3
0
 def publish(self, id):
     # NOTE: should maybe take publishData url parameter - David 9/5/2009
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     publishData = json.loads(helper.getRequestBody())
     # convert targets to actual database references
     if publishData.get("targets"):
         from server.models.group import Group
         from server.models.ssuser import SSUser
         theUser = SSUser.read(loggedInUser)
         targets = publishData["targets"]
         # convert short names to group ids
         shortNames = [target[1:] for target in targets if target[0] == "&"]
         groupIds = Group.shortNamesToIds(shortNames)
         # convert user name to user ids
         userNames = [target[1:] for target in targets if target[0] == "@"]
         userIds = SSUser.namesToIds(userNames)
         # create list of dbs being published to
         dbs = [Group.db(groupId) for groupId in groupIds]
         dbs.extend([SSUser.db(userId) for userId in userIds])
         # validate
         writeable = theUser.writeable()
         if set(writeable) != set(dbs):
             return error("Operation not permitted. You don't have permission to publish to some of these gruops", PermissionError)
         publishData["dbs"] = dbs
     return data(theShift.publish(publishData))
Beispiel #4
0
 def unpublish(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     return data(theShift.unpublish())
Beispiel #5
0
 def testDelete(self):
     json = shiftJson()
     json["createdBy"] = self.fakemary.id
     newShift = Shift.create(json)
     self.assertNotEqual(newShift, None)
     newShift.delete()
     theShift = Shift.read(newShift.id, self.fakemary.id)
     self.assertEqual(theShift, None)
Beispiel #6
0
 def unpublish(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     return data(theShift.unpublish())
Beispiel #7
0
 def testUpdate(self):
     json = shiftJson()
     json["createdBy"] = self.fakemary.id
     newShift = Shift.create(json)
     newShift.update({"summary":"changed!"})
     theShift = Shift.read(newShift.id, self.fakemary.id)
     self.assertEqual(theShift.summary, "changed!")
     db = core.connect(SSUser.privateDb(self.fakemary.id))
     del db[theShift.id]
Beispiel #8
0
 def testRead(self):
     json = shiftJson()
     json["createdBy"] = self.fakemary.id
     newShift = Shift.create(json)
     theShift = Shift.read(newShift.id, self.fakemary.id)
     self.assertEqual(theShift.source.server, newShift.source.server)
     self.assertEqual(theShift.source.database, newShift.source.database)
     self.assertEqual(theShift.createdBy, self.fakemary.id)
     db = core.connect(SSUser.privateDb(self.fakemary.id))
     del db[theShift.id]
Beispiel #9
0
 def comment(self, id):
     loggedInUser = helper.getLoggedInUser()
     jsonData = helper.getRequestBody()
     if jsonData != "":
         theShift = Shift.read(id)
         if not theShift:
             return error("Resource does not exist.", ResourceDoesNotExistError)
         if theShift.type != "shift":
             return error("Resource is not of type shift", ResourceTypeError)
         from server.models.ssuser import SSUser
         theUser = SSUser.read(loggedInUser)
         theData = json.loads(jsonData)
         if theUser.canRead(theShift):
             from server.models.comment import Comment
             Comment.create(theUser.id, theShift.id, theData["text"], theData.get("subscribe") or False)
             return data(Shift.read(theShift.id, theUser.id))
         else:
             return error("Operation not permitted. You don't have permission to comment on this shift.", PermissionError)
     else:
         return error("No data for comment.", NoDataError)
Beispiel #10
0
 def share(self, id, users):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift or theShift.publishData.private:
         return error("You don't have permission to view this shift.", PermissionError)
     targets = users.split(" ")
     userNames = [target[1:] for target in targets if target[0] == "@"]
     userIds = SSUser.namesToIds(userNames)
     theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
     return ack
Beispiel #11
0
 def share(self, id, users):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift or theShift.publishData.private:
         return error("You don't have permission to view this shift.",
                      PermissionError)
     targets = users.split(" ")
     userNames = [target[1:] for target in targets if target[0] == "@"]
     userIds = SSUser.namesToIds(userNames)
     theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
     return ack
Beispiel #12
0
 def read(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theUser = SSUser.read(loggedInUser)
     theShift = Shift.read(id, loggedInUser)
     if theShift and theUser.canRead(theShift):
         return data(theShift)
     else:
         if not theShift:
             return error("Resource does not exist.", ResourceDoesNotExistError)
         else:
             return error("Operation not permitted. You don't have permission to view this shift. %s" % theShift, PermissionError)
Beispiel #13
0
 def comments(self, id, start=None, end=None, limit=25):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theShift.isPublic() or theUser.canRead(theShift):
         return data(theShift.comments(start=start, end=end, limit=limit))
     else:
         return error("Operation not permitted. You don't have permission to view comments on this shift.", PermissionError)
Beispiel #14
0
 def unfavorite(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canRead(theShift):
         return data(theUser.unfavorite(theShift))
     else:
         return error("Operation not permitted. You don't have permission to unfavorite this shift.", PermissionError)
Beispiel #15
0
 def comments(self, id, start=None, end=None, limit=25):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, userId=loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theShift.isPublic() or theUser.canRead(theShift):
         return data(theShift.comments(start=start, end=end, limit=limit))
     else:
         return error(
             "Operation not permitted. You don't have permission to view comments on this shift.",
             PermissionError)
Beispiel #16
0
 def delete(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canModify(theShift):
         theShift.delete()
         return ack
     else:
         return error("Operation not permitted. You don't have permission to delete this shift.", PermissionError)
Beispiel #17
0
 def read(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theUser = SSUser.read(loggedInUser)
     theShift = Shift.read(id, loggedInUser)
     if theShift and theUser.canRead(theShift):
         return data(theShift)
     else:
         if not theShift:
             return error("Resource does not exist.",
                          ResourceDoesNotExistError)
         else:
             return error(
                 "Operation not permitted. You don't have permission to view this shift. %s"
                 % theShift, PermissionError)
Beispiel #18
0
 def unfavorite(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canRead(theShift):
         return data(theUser.unfavorite(theShift))
     else:
         return error(
             "Operation not permitted. You don't have permission to unfavorite this shift.",
             PermissionError)
Beispiel #19
0
 def unnotify(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canRead(theShift):
         if theUser.isSubscribed(theShift):
             theUser.unsubscribe(theShift)
             return ack
         else:
             return error("You are not getting notification from this comment thread.", NotBeingNotifiedError)
     else:
         return error("Operation not permitted. You don't have permission to be notified of events on this stream.", PermissionError)
Beispiel #20
0
 def delete(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id, loggedInUser)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canModify(theShift):
         theShift.delete()
         return ack
     else:
         return error(
             "Operation not permitted. You don't have permission to delete this shift.",
             PermissionError)
Beispiel #21
0
 def update(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     jsonData = helper.getRequestBody()
     if jsonData != "":
         theShift = Shift.read(id, loggedInUser)
         if not theShift:
             return error("Resource does not exist.", ResourceDoesNotExistError)
         if theShift.type != "shift":
             return error("Resource is not of type shift", ResourceTypeError)
         from server.models.ssuser import SSUser
         shiftData = json.loads(jsonData)
         theUser = SSUser.read(loggedInUser)
         if theUser.canModify(theShift):
             return data(theShift.update(shiftData))
         else:
             return error("Operation not permitted. You don't have permission to update this shift.", PermissionError)
     else:
         return error("No data for shift.", NoDataError)
Beispiel #22
0
 def unnotify(self, id):
     loggedInUser = helper.getLoggedInUser()
     theShift = Shift.read(id)
     if not theShift:
         return error("Resource does not exist.", ResourceDoesNotExistError)
     if theShift.type != "shift":
         return error("Resource is not of type shift", ResourceTypeError)
     from server.models.ssuser import SSUser
     theUser = SSUser.read(loggedInUser)
     if theUser.canRead(theShift):
         if theUser.isSubscribed(theShift):
             theUser.unsubscribe(theShift)
             return ack
         else:
             return error(
                 "You are not getting notification from this comment thread.",
                 NotBeingNotifiedError)
     else:
         return error(
             "Operation not permitted. You don't have permission to be notified of events on this stream.",
             PermissionError)
Beispiel #23
0
 def update(self, id):
     from server.models.ssuser import SSUser
     loggedInUser = helper.getLoggedInUser()
     jsonData = helper.getRequestBody()
     if jsonData != "":
         theShift = Shift.read(id, loggedInUser)
         if not theShift:
             return error("Resource does not exist.",
                          ResourceDoesNotExistError)
         if theShift.type != "shift":
             return error("Resource is not of type shift",
                          ResourceTypeError)
         from server.models.ssuser import SSUser
         shiftData = json.loads(jsonData)
         theUser = SSUser.read(loggedInUser)
         if theUser.canModify(theShift):
             return data(theShift.update(shiftData))
         else:
             return error(
                 "Operation not permitted. You don't have permission to update this shift.",
                 PermissionError)
     else:
         return error("No data for shift.", NoDataError)
Beispiel #24
0
 def favorite(self, aShift):
     from server.models.favorite import Favorite
     from server.models.shift import Shift
     Favorite.create(self.id, aShift.id)
     return Shift.joinData(Shift.read(aShift.id), self.id)
Beispiel #25
0
 def unfavorite(self, aShift):
     from server.models.favorite import Favorite
     from server.models.shift import Shift
     Favorite.readByUserAndShift(self.id, aShift.id).delete()
     return Shift.joinData(Shift.read(aShift.id), self.id)
Beispiel #26
0
 def unfavorite(self, aShift):
     from server.models.favorite import Favorite
     from server.models.shift import Shift
     Favorite.readByUserAndShift(self.id, aShift.id).delete()
     return Shift.joinData(Shift.read(aShift.id), self.id)
Beispiel #27
0
 def favorite(self, aShift):
     from server.models.favorite import Favorite
     from server.models.shift import Shift
     Favorite.create(self.id, aShift.id)
     return Shift.joinData(Shift.read(aShift.id), self.id)